Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

splunk

Threat Update: AwfulShred Script Wiper

Apr 21, 2023 By Splunk Threat Research Team In Splunk
The Splunk Threat Research Team (STRT) continues to analyze and produce content related to the ongoing geopolitical conflict in eastern Europe where new variances of destructive payloads are being released, targeting government and civilian infrastructure. The sole purpose of these destructive payloads is to decimate infrastructure; there is no ransom or alternative presented, and they need to be addressed as soon as they are detected.
Read Post
devo

US National Security Deep Dive Pillars 2 and 3: Dismantle Threats and Shape Market Forces

Apr 21, 2023 By John Allison In Devo

Last time we looked at The US National Security Strategy Pillar 1: Defend Critical Infrastructure. Today, we are looking at Pillar 2: Disrupt and Dismantle Threat Actors and Pillar 3: Shape Market Forces to Drive Security Resilience. Preventing the attacks in Pillar 1 would not be necessary if the attackers were taken off the board.

Read Post

Coffee Talk with SURGe: 2023-APR-18 NSO Group, LockBit macOS Encryptors, AI in CTI, MSFT Taxonomy

Apr 19, 2023 By Splunk In Splunk
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan competed in a 60 second charity challenge about how generative artificial intelligence could be used in cyber threat intelligence, with proceeds benefiting the ACLU. The trio also discussed Microsoft's new threat actor naming taxonomy and the role of attribution in cyber threat intelligence.
View Video
splunk

Are you a good or great boxer? Real-world approaches of building cyber resilience in 2023

Apr 18, 2023 By James Hanlon In Splunk
You must have been asleep not to have heard about Splunk’s new mission - ‘to build a safer and more resilient digital world’. Why have we chosen this? Well, not because it is a snappy little tagline, but because we know how important digital resilience is to all of our customers in our ever changing times.
Read Post
graylog

Threat Hunting vs Incident Response for Cyber Resilience

Apr 18, 2023 By The Graylog Team In Graylog
Protecting data and protecting business continuity are both similar and different. In a data driven world, your mission as a security analyst is to prevent threat actors from gaining unauthorized access to sensitive data and systems. Simultaneously, you also need to investigate incidents rapidly, ensuring that critical services experience as little downtime as possible.
Read Post
splunk

Introducing the PEAK Threat Hunting Framework

Apr 18, 2023 By David Bianco In Splunk
Cybersecurity is an ever-evolving game of cat and mouse. As security experts come up with new ways to protect valuable digital assets, cybercriminals develop craftier techniques to bypass these defenses. Enter threat hunting – the proactive practice of ferreting out those sneaky cyber-rodents.
Read Post

Splunk SOAR Playbooks - Dynamic Identifier Reputation Analysis (Part 1)

Apr 13, 2023 By Splunk In Splunk
The Dynamic Identifier Reputation Analysis playbook is an essential tool for any security operations center (SOC) team looking for a comprehensive view of their environment’s threat landscape. By leveraging MITRE DEFEND's approach for dynamic identifier reputation analysis, SOC teams can quickly identify potential threats and vulnerabilities and take proactive steps towards mitigating risk before it causes damage.
View Video

Splunk SOAR Playbooks - Dynamic Identifier Reputation Analysis (Part 2)

Apr 13, 2023 By Splunk In Splunk
The Dynamic Identifier Reputation Analysis playbook is an essential tool for any security operations center (SOC) team looking for a comprehensive view of their environment’s threat landscape. By leveraging MITRE DEFEND's approach for dynamic identifier reputation analysis, SOC teams can quickly identify potential threats and vulnerabilities and take proactive steps towards mitigating risk before it causes damage.
View Video
splunk

Endpoint Monitoring: The Ultimate Guide for Enterprise Security & Compliance

Apr 13, 2023 By Kayly Lange In Splunk
You keep your organization’s computers, devices and servers safe, but what about your employees’ devices? The security of their mobile phones, laptops, tablets and other devices is just as critical to your overall security posture. As company endpoints grow, so does their vulnerability. In fact, 66% of organizations are experiencing a growth in endpoint threats.
Read Post
splunk

These Are The Drivers You Are Looking For: Detect and Prevent Malicious Drivers

Apr 13, 2023 By Splunk Threat Research Team In Splunk
The Windows kernel driver is an interesting space that falls between persistence and privilege escalation. The origins of a vulnerable driver being used to elevate privileges may have begun in the gaming community as a way to hack or cheat in games, but also has potential beginnings with Stuxnet.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.